No more typing reviews! Try our Samantha, our new voice AI agent.

NetWitness Platform vs Sentinel comparison

NetWitness and OpenText are both solutions in the Security Information and Event Management (SIEM) category. NetWitness is ranked #33 with an average rating of 8.3, while OpenText is ranked #17 with an average rating of 7.5. NetWitness holds a 0.9% mindshare in SIEM, compared to OpenText’s 3.1% mindshare. Additionally, 75% of NetWitness users are willing to recommend the solution, compared to 82% of OpenText users who would recommend it.
NetWitness Platform
Read 36 NetWitness Platform reviews
  • 2,362 Views
  • 1,417 Comparison Views
75% willing to recommend
Sentinel
Read 17 Sentinel reviews
  • 4,622 Views
  • 4,530 Comparison Views
82% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and Sentinel are leading contenders in the cybersecurity market. Sentinel seems to have the upper hand due to its advanced functionality and effectiveness, which users feel justifies its pricing.

Features: NetWitness Platform offers strong analytics, real-time monitoring capabilities, and robust support services. Sentinel features integration with other Microsoft services, advanced threat detection, and seamless integration in advanced networking environments.

Room For Improvement: NetWitness Platform needs enhanced scalability, better threat intelligence capabilities, and improved customization options. Sentinel could benefit from more user-friendly setup processes, better customization options, and improved user interfaces.

Ease of Deployment and Customer Service: NetWitness Platform users find customer support highly responsive but face deployment challenges. Sentinel offers quick deployment, integrates easily into existing Microsoft infrastructures, and has adequate customer support.

Pricing and ROI: NetWitness Platform is considered expensive by some users but offers justifiable ROI due to its high performance. Sentinel, while also not cheap, is viewed as providing good value due to its extensive features and integration capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed NetWitness Platform vs. Sentinel Report (Updated: March 2026).
Buyer's Guide
NetWitness Platform vs. Sentinel
March 2026
Download the complete report
Helped 885,311 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
33rd
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
Log Management (34th)
Sentinel
Ranking in Security Information and Event Management (SIEM)
17th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
17
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of March 2026, in the Security Information and Event Management (SIEM) category, the mindshare of NetWitness Platform is 0.9%, up from 0.6% compared to the previous year. The mindshare of Sentinel is 3.1%, down from 3.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Sentinel3.1%
NetWitness Platform0.9%
Other96.0%
Security Information and Event Management (SIEM)
 

Featured Reviews

MOTASHIM Al Razi - PeerSpot reviewer
MOTASHIM Al Razi
CISO at One Bank Limited
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
Read full review
Simon Johnston - PeerSpot reviewer
Simon Johnston
Manager, Customer Success at Coltek Business Soltuions
Simple antivirus solution integrates well but could improve pricing and currency options
I don't really have experience working with these solutions. I promote them for our clients, but I don't work with them. I can't share my experience with these tools as I make assumptions about that. For both Adlumin and CrowdStrike, both confirm that they're scalable and enterprise-ready and all those kinds of things. We haven't had any specific problem with either of those. We just have a preference for which one we would prefer. If somebody says they want to use a different one from the one that we prefer, then we have to find reasons why they aren't. But scalability is not one of the reasons that one is better over the other. I don't really have advice for people that are looking into using Sentinel; just do your research across what is available. On a scale of one to ten, I rate Sentinel a seven.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"Offers a good wireless feature."
"Technical support is very good; they try to resolve issues with the proper SLAs which are defined by them and they understand the client's requirements as well as the client's infrastructure in a better manner."
"Overall, it is easy to implement."
"It's quite economical compared to other solutions in the market."
"Since the solution has been under way we have seen a large decrease of threats and proactive reactions to incidents."
"The most valuable features are the packet inspection and the automated incident response."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
More NetWitness Platform pros
"If Sentinel is integrated with Identity Manager and User Application Portal, the solution runs simply perfect!"
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"It provides real time security event analytics."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"The correlation engine allows our clients to generate rules more efficiently."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
More Sentinel pros
 

Cons

"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"The initial setup is very complex and should be simplified."
"Its technical support could be better."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"The implementation needs assistance."
"One thing to be improved in NetWitness is the capability to correlate event logs in a general sense."
More NetWitness Platform cons
"Some functions look great but, in practice, some key limitations turn the process into something opaque."
"I would prefer to extend dashboards part and their functions in Web GUI version, so the charts could be for configurable."
"On version 5, builder was somewhat unstable during deployment -> workaround strong procedure with too many middle steps of saves."
"Frankly speaking, we did not find this product to be valuable, at all."
"I would like to see a better reporting work structure on the dashboard."
"The solution does not allow outsourced authorizations."
"It's probably not a product that I would recommend to anyone."
"The dashboard and customer view should be improved"
More Sentinel cons
 

Pricing and Cost Advice

"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."
"We are on an annual license for the use of the solution."
"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
"The product is expensive."
"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
"It is cheap."
More NetWitness Platform pricing and cost advice
"We inquired about getting support from the vendor, Micro Focus, but the cost was very high."
"Sentinel is a subscription-based solution."
"Sentinel is moderately priced."
"Sentinel's slightly on the expensive side."
"The solution’s pricing is aligned with its competitors."
"We receive a pricing discount because of our ongoing partnership with Micro Focus."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
885,311 professionals have used our research since 2012.
 

Comparison Review

VS
Vinod Shankar
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Financial Services Firm
11%
Performing Arts
8%
Comms Service Provider
7%
Outsourcing Company
7%
Computer Software Company
10%
Financial Services Firm
9%
Comms Service Provider
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise7
Large Enterprise20
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise3
Large Enterprise7
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
See all answers
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
See all answers
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
See all answers
What is your experience regarding pricing and costs for NetIQ Sentinel?
I don't have too many comments overall about pricing as we're in South Africa, so it makes more sense if it's billed in rand. They nearly always bill it in dollars, so if it can be billed in our cu...
See all answers
What needs improvement with NetIQ Sentinel?
I'm not sure what the room for improvement is for Sentinel. It needs to stay current, and it does, so I suppose that's fine. I don't have a high demand for what it should do. Price is always a cons...
See all answers
What is your primary use case for NetIQ Sentinel?
It's our go-to choice for antivirus. I use Sentinel a lot.
See all answers
 

Comparisons

IBM Security QRadar vs NetWitness Platform Logo
IBM Security QRadar vs NetWitness Platform
Compared 7% of the time
Splunk Enterprise Security vs NetWitness Platform Logo
Splunk Enterprise Security vs NetWitness Platform
Compared 6% of the time
Elastic Security vs NetWitness Platform Logo
Elastic Security vs NetWitness Platform
Compared 4% of the time
Sumo Logic Security vs NetWitness Platform Logo
Sumo Logic Security vs NetWitness Platform
Compared 4% of the time
RSA enVision vs NetWitness Platform Logo
RSA enVision vs NetWitness Platform
Compared 3% of the time
More NetWitness Platform Competitors
Splunk Enterprise Security vs Sentinel Logo
Splunk Enterprise Security vs Sentinel
Compared 19% of the time
IBM Security QRadar vs Sentinel Logo
IBM Security QRadar vs Sentinel
Compared 11% of the time
Wazuh vs Sentinel Logo
Wazuh vs Sentinel
Compared 7% of the time
Cortex XSIAM vs Sentinel Logo
Cortex XSIAM vs Sentinel
Compared 4% of the time
CrowdStrike Falcon vs Sentinel Logo
CrowdStrike Falcon vs Sentinel
Compared 4% of the time
More Sentinel Competitors
 

Product Reports

Buyer's Guide
NetWitness Platform
March 2026
NetWitness Platform reportDownload NetWitness Platform product report
Buyer's Guide
Sentinel
March 2026
Sentinel reportDownload Sentinel product report
 

Also Known As

RSA Security Analytics
NetIQ Sentinel, Novell SIEM
 

Overview

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness

Sentinel is a full-featured Security Information and Event Management (SIEM) solution that simplifies the deployment, management and day-to-day use of SIEM, readily adapts to dynamic enterprise environments and delivers the true "actionable intelligence" security professionals need to quickly understand their threat posture and prioritize response.

OpenText
 

Sample Customers

Los Angeles World Airports, Reply
Faysal Bank, GaVI, Handelsbanken, ISC Mªnster, Lambeth Council, Swisscard, The Municipality of Siena, Tukes, University of Dayton, University of the Sunshine Coast
Buyer's Guide
NetWitness Platform vs. Sentinel
March 2026
Free Report: NetWitness Platform vs. Sentinel
Find out what your peers are saying about NetWitness Platform vs. Sentinel and other solutions. Updated: March 2026.
DOWNLOAD NOW
885,311 professionals have used our research since 2012.
See our NetWitness Platform vs. Sentinel report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.